[VIM] vendor dispute: 21565: phpBB Blog index.php permalink Variable SQL Injection (fwd)
security curmudgeon
jericho at attrition.org
Fri Jan 13 08:14:09 EST 2006
I have mailed asking that he test something else.
---------- Forwarded message ----------
From: Tony Boyd
To: moderators at osvdb.org
Date: Fri, 13 Jan 2006 04:58:16 -0800
Subject: [OSVDB Mods] [Change Request] 21565: phpBB Blog index.php permalink Variable SQL Injection
I believe your notice about SQL injection into phpBB Blog is incorrect.
As the author, I saw the advisory, and attempted to do as shown (append SQL to
the URL string). The SQL was not executed.
In addition, the advisory suggests that the script is not properly sanitizing
user-supplied input to the "permalink" variable. However, it is. This line in
blog.php sanitizes the data:
$perma_id = preg_replace("/[^0-9]/", "", $_GET['permalink']);
-Tony
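The filter Tony quotes, exercised as an added example (this is not phpBB Blog's code and not part of the original thread; the helper names, the table and column names, and the sample inputs are assumed for illustration). It shows what survives the regex for a normal id, for a value carrying SQL syntax, and for input with no digits at all, and places the sanitized value behind a bound parameter as the usual defence-in-depth step:

```php
<?php
// Added example, not taken from phpBB Blog or from the original mail.
// sanitize_permalink() applies the same regex as the quoted blog.php line;
// permalink_id() and fetch_post() are assumed helpers for illustration.

declare(strict_types=1);

/**
 * Reduce a raw "permalink" value to its digits, exactly as the quoted
 * blog.php line does. Every byte that is not 0-9 (quotes, spaces, comment
 * markers, letters) is dropped, so no SQL syntax can survive the filter.
 */
function sanitize_permalink(string $raw): string
{
    return preg_replace('/[^0-9]/', '', $raw) ?? '';
}

/**
 * Stricter variant (assumed, not in phpBB Blog): require at least one digit
 * and return an int, so input with no digits produces a clear null instead
 * of an empty string being spliced into the query.
 */
function permalink_id(string $raw): ?int
{
    $digits = sanitize_permalink($raw);
    return $digits === '' ? null : (int) $digits;
}

/**
 * Defence-in-depth: even with a digits-only id, bind it as a parameter
 * rather than interpolating it. Table and column names are assumed.
 */
function fetch_post(PDO $db, int $id): ?array
{
    $stmt = $db->prepare('SELECT * FROM blog_posts WHERE post_id = :id');
    $stmt->bindValue(':id', $id, PDO::PARAM_INT);
    $stmt->execute();
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    return $row === false ? null : $row;
}

// Constructed inputs: a normal id, a value carrying SQL syntax, and junk.
$samples = [
    '42',
    "42' OR '1'='1",
    'abc',
];
foreach ($samples as $raw) {
    printf(
        "%-18s -> sanitized: %-6s id: %s\n",
        json_encode($raw),
        json_encode(sanitize_permalink($raw)),
        json_encode(permalink_id($raw))
    );
}
```

Run it with `php example.php` (no database is opened; `fetch_post()` is shown only to illustrate the parameterized form). The second sample demonstrates the point of the dispute: the quotes, spaces and letters are stripped, leaving only the digits, so the query may look up a different post than the attacker named but it receives no injected SQL. The third sample is the caveat worth checking in any sanitizer of this shape: with no digits in the input the filter yields an empty string, which a caller should treat as "no id" rather than pass on to the query.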